Internet of Things

Executive Summary

With an already seemingly countless number of connected devices, the Internet of Things (IoT) will be a gigantic growth market in the coming years. As a consequence, many billions of devices will need to be securely connected with each other. However, not everyone who wants to benefit from this trend has the necessary know-how. The ideal solution lets developers concentrate on their core competencies while buying the required specialist know-how in the shape of affordable, reliable, and pre-validated computer-on-modules.

congatec has paired its embedded computers with the validated software package from Intel®, Wind River and McAfee to provide new services based on the connection of devices with each other and the cloud. The bundle includes McAfee® Embedded Control which, among other things, includes dynamic whitelisting to prevent the execution of unapproved code while at the same time allowing policy-based updates.

In combination with the validated package of the “Intel® Gateway Solutions for IoT”, congatec provides a pre-integrated and open platform starter kit to bring secure IoT solutions quickly to market.

Key Business Objectives

congatec and Intel® offer an open, scalable, and expandable embedded computer hard- and software package to developers and system integrators so that they can connect their devices and systems to a global cloud system. They do this in a way that minimizes one-off development and instead leverages existing technology, standards, and protocols, while providing the ability to remotely manage the distributed devices and the applications running at the edge. The result should be cost-effective, standards-based, and broadly interoperable.

Business Challenges

The IoT is growing steadily and rapidly. All these intelligent objects ("things") have their own IP address, are constantly connected to each other via the Internet and can communicate more or less freely with each other. That this scenario is open to abuse and that sensitive data and devices must therefore be protected from unauthorized access is obvious.

The first requirement for a network of machines and devices of any kind is secure IoT access. This can be provided either directly or via a gateway. In the first case, a gateway will already be implemented in the individual device. The tasks are largely identical, however, in the gateway scenario a protocol conversion between the internal and external network is often useful and necessary.

Security is a complex issue and involves many aspects: The English language differentiates between "safety" (broadly referring to safe operation) and "security" (meaning safe from attacks by outsiders). In an industrial environment, both aspects must be implemented seamlessly and without gaps, so as not to compromise the whole system. This requires in-depth know-how and special expertise that most companies lack in the Factory 4.0.

Solution Benefits

IoT-based embedded solutions from Intel® and congatec make it easier to build embedded business-to-business solutions. Knowing that many aspects of the IoT are the same for everyone – and that few potential IoT developers have the time or inclination to develop all the design level from scratch – congatec has spent the past several years crafting an IoT Computer-On-Module platform for IoT developers, device and systems integrators.

Standard computer modules – the fast lane to success:

For those who neither want to rely on finished, commercially available devices nor go through the complicated and time-consuming process of certifying their own developments with Intel®, the use of pre-certified function blocks makes good sense. Many industry sectors already use modular computer systems that are highly scalable for the specific application and based on proven standards such as Qseven or COM Express. The use of modules that are pre-certified for the Intel® solution not only saves time and cost when implementing secure Internet connectivity; they also open up all the advantages of modular computer systems. Important criteria when selecting a module supplier include support of the relevant standards, quality of the modules and the ability of the module manufacturer to effectively support the system manufacturer in the development of his own systems.

Easy Integration:

In combination with the validated package of the “Intel® Gateway Solutions for IoT”, the congatec IoT starter kit provides a pre-integrated and open platform to bring secure IoT solutions quickly to the device developer and the design.

Data Security:

The combination of reliable hardware and a consistent software package, starting with the firmware and operating system, forms a "root of trust" for IoT applications. By bundling a baseboard that incorporates a TPM (Trusted Platform Module) chip, congatec helps ensure that applications can be operated with maximum data security.

Secure Communications:

Ensuring the factory network is protected is of critical importance; this is why Intel® and congatec incorporate multiple security mechanisms to create a chain of trust from industrial devices to the cloud.

Solution Overview

The answer is called "Intel® Gateway Solutions for IoT"

As a leading manufacturer of processors and platforms, Intel® quickly realized that security is a major obstacle for widespread access to the IoT. In cooperation with its subsidiaries Wind River and McAfee, Intel® set out to develop a secure end-to-end solution available from one source. This seamless and secure solution combines the individual products and special expertise from each company for selected platforms such as the Intel® Atom™-38xx family. Wind River supplies the Wind River® Intelligent Device Platform XT which includes the operating system (Wind River Linux5.0), pre-validated software stacks, hardware drivers and matching libraries and tools. Functions such as administration, communication, connectivity and security as well as runtime environments such as Java, Lua and OSGi are all supported. McAfee’s security software, McAfee® Embedded Control, provides features such as dynamic application whitelisting (only registered and verified applications can run) and change control (all modifications of the code and environment must be explicitly approved before execution). Intel® provides the hardware platform itself plus hardware feature enhancements such as TPM (Tamper Proof Module) and matching hardware-related software and stacks.

The essential point here is that Intel® validates the end solution as a whole, i.e. the complete processor board including all firmware.

Technology

An ideal platform for powerful IoT gateways Measuring just 70x70 mm2, the conga-QA3 Qseven module from congatec with processors from the Intel® Atom™ E3800 family is particularly well suited for connecting to the "Intel® Gateway Solutions for IoT". It enables the use of Intel® Atom™ processors with up to four cores and clock speeds from 1.33 to 1.91 GHz. Depending on the system and its application, the total power consumption ranges between as little as 4.5 watts and 12 watts. This enables the development of very economical and extremely powerful embedded

PCs, that can be hermetically sealed and operate fanless in an extended temperature range. The maximum RAM size is 8GB DDR3L memory, and the integrated Intel® HD graphics can support two independent Full HD displays via DisplayPort, HDMI or LVDS. Numerous interfaces and functions (including Gigabit Ethernet and USB3.0) enable fast and cost-effective realization of high- performance embedded systems with low power consumption such as Box PCs or other customized solutions.

The combination of reliable hardware and a consistent software package, including everything from firmware to operating system and applications, provides a totally secure root of trust for IoT gateway applications. Thanks to outstanding performance, it is possible to carry out additional demanding tasks such as evaluation, consolidation, storage and visualization of data, as well as sophisticated protocol conversions between the individual connection levels. Typical industrial applications are found in automation, energy technology and building automation, as well as transportation and many other areas that demand increased data security.

An end-to-end solution

QSys is a modular embedded PC based on the Intel® Atom™ E38xx. The combination of the IoT baseboard and the congatec conga-QA3 module provides a highly compact embedded computer system and an ideal platform for use with the "Intel® Gateway Solutions for IoT".

The compact box design, with external dimensions of only 100x100x23 mm³ and many interfaces and functions, is an example of how to quickly and cost-effectively implement a high-performance, passively cooled embedded system for gateway applications. Hardware security features such as TPM 1.2/2.0, the Sentinel HL Security Controller and integrated secure EEPROM enable the realization of embedded systems with an exceptional level of security.

Options and extensions

The example has shown how quick and easy it is with congatec’s modular system to build concrete solutions for secure IoT gateways. The right know-how and technology can, however, bring further benefits. Thanks to the 70x70 mm compact form factor of the Qseven module it is easy to transfer the system layout to a customized system, making the development of complete single board computer systems a simple and inexpensive task. The re-validation effort is relatively low because key components, such as processor, I/O system, network peripherals and firmware, require no or little modification. congatec has, for example, already implemented a complete mini-ITX single board solution.

Start with the IoT Kit

The kit provides a complete starter set for the rapid prototyping of embedded IoT applications on device or gateway level. The Qseven IoT kit contains a Qseven COM based on the latest Intel® Atom™ E38xx processor family, a compact IoT carrier board, a 7" LVDS single touch display with LED backlight, and an extensive set of accessories including AC power supply and 802.11 WLAN antenna with IoT Wind River Linux image on a USB stick. With this kit, developing an IoT demo system takes a matter of minutes.

The kit comes with congatec’s successful conga-QA3 Qseven COM based on the new Intel® Atom™ E3827 processor (XM cache, 1.6GHz, XW TDP). A space-saving single-chip processor and low power consumption make this an ideal solution for fanless designs in applications that require enhanced IoT connectivity. These include, for example, M2M and motion control applications for Industry 4.0, gateways, or system and control monitoring in smart home automation.

In combination with the validated Package of the “Intel® Gateway Solutions for IoT”, the conga QA3 provides a pre-integrated and open platform to bring secure IoT solutions quickly to market.

What does the future hold?

While current modules are primarily designed to provide gateway functionality for applications in the areas of industrial electronics, mechanical engineering, energy

supply and transportation, subsequent modules and validation packages will cover additional functionalities and industry segments. The possibilities offered by the IoT are virtually unlimited and hold a rich potential for further development. With reliable partners and well-engineered, validated product packages this potential can be exploited quickly and safely.